package com.example.demo.authority.impl;

import com.example.demo.authority.MyAuthorityPermit;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;

@Component
public class MyAuthorityPermitImpl implements MyAuthorityPermit {

    @Override
    public boolean hasAuthority(HttpServletRequest request, Authentication authentication) {
        String [] roles=request.getParameterValues("roles");
        String [] authorities=request.getParameterValues("authorities");

        System.out.println("权限集合"+authentication.getAuthorities());
        System.out.println("身份认证"+authentication.getPrincipal());
        System.out.println("凭证"+authentication.getCredentials());
        System.out.println("明细"+authentication.getDetails());
        System.out.println("是否登录"+authentication.isAuthenticated());
        for(String role : roles){
            String temp= "ROLE_"+role;
            if(authentication.getAuthorities().contains(new SimpleGrantedAuthority(temp))){
                return true;
            }
        }
        for(String authority : authorities){
            String temp= "ROLE_"+authority;
            if(authentication.getAuthorities().contains(new SimpleGrantedAuthority(temp)));
        }
        return false;
    }
}
